원클릭으로
dotnet-package-upgrade-triage
How to diagnose and fix .NET package major-version upgrade breaks from Dependabot
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
메뉴
How to diagnose and fix .NET package major-version upgrade breaks from Dependabot
Codex 또는 Claude로 설치 이 Prompt를 복사해 Codex, Claude 또는 다른 어시스턴트에 붙여 넣으면 Skill 페이지를 검토하고 설치를 진행할 수 있습니다.
SOC 직업 분류 기준
| name | dotnet-package-upgrade-triage |
| description | How to diagnose and fix .NET package major-version upgrade breaks from Dependabot |
| domain | backend, dotnet, dependencies |
| confidence | high |
| source | earned (2026-05-14, Microsoft.OpenApi 2.x migration) |
When Dependabot upgrades .NET packages (especially Swashbuckle, ASP.NET Core, Azure SDKs), major version bumps often include breaking changes:
This skill provides a systematic triage process to isolate, understand, and fix these breaks efficiently.
When build fails after Dependabot PR merge:
Directory.Packages.props (central package management) or *.csproj for version changes.dotnet nuget why <project> <package> to understand dependency chains. A Swashbuckle upgrade may pull in Microsoft.OpenApi 2.x.Before bulk-editing production code:
cd /tmp && mkdir test_pkg && cd test_pkg
cat > test.csproj << 'EOF'
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFramework>net9.0</TargetFramework>
<OutputType>Exe</OutputType>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="Swashbuckle.AspNetCore" Version="10.1.7" />
</ItemGroup>
</Project>
EOF
Try the old pattern first to confirm it fails. Then iterate on new patterns until build succeeds.
Check in order:
docs/migration or MIGRATION.md in repotest/ or samples/ directories in the package's GitHub repoExample:
git clone --depth 1 --branch v10.1.7 https://github.com/domaindrivendev/Swashbuckle.AspNetCore.git
grep -r "AddSecurityDefinition" test/ --include="*.cs" -A 10
Look for how the official tests use the new API.
In your throwaway project, test the complete pattern:
using Microsoft.OpenApi; // Changed from Microsoft.OpenApi.Models
var builder = WebApplication.CreateBuilder(args);
builder.Services.AddSwaggerGen(c =>
{
c.SwaggerDoc("v1", new OpenApiInfo { Title = "Test" });
c.AddSecurityRequirement(doc => new OpenApiSecurityRequirement
{
{ new OpenApiSecuritySchemeReference("Bearer", doc), [] }
});
});
Run dotnet build. If it succeeds, you've validated the fix.
Before applying fixes to production code:
cd /path/to/repo
grep -r "Microsoft\.OpenApi\.Models" src/ --include="*.cs"
This shows:
Use the edit tool to make surgical changes:
using statements firstPick one affected service and build it:
cd src/user-service && dotnet build -c Release 2>&1 | tail -30
This catches:
Update agent history with:
Write a decision document explaining:
Break: Microsoft.OpenApi.Models namespace removed.
Fix:
// BEFORE (Microsoft.OpenApi 1.x)
using Microsoft.OpenApi.Models;
c.AddSecurityRequirement(new OpenApiSecurityRequirement
{
{
new OpenApiSecurityScheme
{
Reference = new OpenApiReference
{
Id = "Bearer",
Type = ReferenceType.SecurityScheme
}
},
Array.Empty<string>()
}
});
// AFTER (Microsoft.OpenApi 2.x)
using Microsoft.OpenApi;
c.AddSecurityRequirement(doc => new OpenApiSecurityRequirement
{
{
new OpenApiSecuritySchemeReference("Bearer", doc),
[]
}
});
Key Changes:
Microsoft.OpenApi.Models.* → Microsoft.OpenApi.*OpenApiSecuritySchemeReference replaces manual OpenApiSecurityScheme { Reference = ... }AddSecurityRequirement now requires Func<OpenApiDocument, ...> to pass document contextstring[] to List<string> (use [] collection expression)❌ Don't guess the fix — Create a test project to validate before bulk editing production code.
❌ Don't fix blindly — If the build error is a namespace issue but there are also NuGet restore errors, the code fix may be correct even if the build still fails. Separate concerns.
❌ Don't ignore other errors — After fixing the primary issue, note any secondary build errors for follow-up (but don't fix them in the same pass if they're unrelated).
❌ Don't pin back without trying forward — Reverting to an older package version should be a last resort. Most breaking changes have straightforward migration paths.
❌ Don't trust AI-generated migration guides — Web search results may be outdated or wrong. Always verify with official source code or test projects.
"Package version not found" during restore:
"Type still not found after namespace change":
strings ~/.nuget/packages/<package>/<version>/lib/<tfm>/<assembly>.dll | grep <TypeName>"Lambda required but wasn't before":
OpenApiDocument for references)"Build succeeds in test project but fails in production":
Directory.Packages.props) may pin a transitive dep to an incompatible versiondotnet nuget why <project> <package> to trace the conflict